Dropbox .NET SDK (Refresh Token)

GevorgMel · ‎08-19-2020

Hi,

I found changes in OAuth2 for API, so the authorization could be done with offline access, ascuirung both Access and Refresh tokens. This part is OK, with ProcessCodeFlow method in SDK. But could not find any method to refresh access token using saved refresh token.

Can you please help me with this case?

Thanks,

Greg-DB · ‎12-09-2020

@OFV When your "DropboxClient is instantiated with the Access_token and refresh token", are you also supplying the app key and secret? Those are required to perform the refresh. Make sure you're doing so, like in the example here.

OFV · ‎12-09-2020

Yes I am using the appid and appsecret. I'm using the constructor as in the example, with the addition of the access token expiry date:

CurrentClient = new DropboxClient(accessToken, refreshToken, expiryDate, appKey, appSecret, config);

The access token returned starts with sl. and is 139 bytes long. The refresh token starts with 1y_ and is 64 bytes long.

Fetching data from the api works up to the expiry date, which was set to 2020-12-09 17:37:48. After that fetching data takes a few minutes (!!) before throwing the exception.

OFV · ‎12-10-2020

I found 2 possible culprits:

- My code wasn't properly "asynced", which I know I have to avoid: eg: ListFolderAsync(xxx).result(). I recursively converted all methods to async (which was a long way up), and got rid of the .result calls. (I know these calls result in timeouts when exceptions occur inside)

- In the Dropbox App console for our app, under OAuth section: The "access token expiration" was still set to "no expiration", which I now set to "short lived".

With these 2 updates, it now seems to run (with original accesss token still from yesterday).

GevorgMel · ‎12-10-2020

Try to use a constructor with refreshtoken, appkey, appSecret. It works for me

OFV · ‎12-11-2020

Gevorg,

Thanks for the help, but it wroks for me now, even with the extra params in the constructor.

My issue was due to the 2 culprits I described in my previous post.

abeyaz · ‎12-22-2020

I am saving only the refresh token to database and using dropboxClient with refresh token, appkey, appsecret constructor. Do I need to save the access token also and use accessToken, refreshToken, appKey, appSecret, config constructor instead. What is the difference between them?

GevorgMel · ‎12-22-2020

No, there is no need to save access token, if you’re using appId, appSecret and refresh token it is enough. Provided access token will be ignored anyway.

Greg-DB · ‎12-22-2020

@abeyaz GevorgMel is correct, you do not need to supply the access token as well. That is optional, since only the refresh token, app key, and app secret are actually needed to perform the refresh to get a new short-lived access token.

abeyaz · ‎12-22-2020

Thank you. Documentation says refresh tokens are long-lived. How long exactly? Say it is 6 months, does it mean we need to involve client again to get a new authentication code and then a new refresh token ?

Greg-DB · ‎12-22-2020

@abeyaz Refresh tokens don't expire by themselves, but they can be revoked on demand by the user/app.

Dropbox .NET SDK (Refresh Token)

Dropbox .NET SDK (Refresh Token)

Top contributors to this post